GR-6.1.3

(a) grant ancillary service providersG of the types referred to in Paragraph AU-1.2.1 (f) and (g) of Rulebook Volume 5: Ancillary Service Providers Authorisation Module, access to customer accounts on an objective, non-discriminatory basis based on consents obtained from the customer;

(b) provide the criteria that the Islamic retail bank licenseesG applies when considering requests pursuant to sub-paraphrah (a) above for such access; and

(c) ensure that those criteria are applied in a manner which ensures compliance with sub-paragraph (a) above while ensuring adherence to Law No 30 of 2018, Personal Data Protection Law (PDPL) issued on 12 July 2018.